System and method for routing supl proxy-mode traffic when multiple nodes are deployed in a network

ABSTRACT

A system and method for connecting a mobile device to a node in a wireless network. A query may be received for a mobile device from a location based application. In response to the query a first message may be transmitted to the mobile device from a first node, the first message being populated with at least one predetermined parameter. At a second node, it may then be determined whether to forward a second message from the mobile device to the first node via the second node as a function of the availability of the first node or the at least one predetermined parameter.

RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.13/123306, filed 8 Apr. 2011, which is a U.S. National Stage under 35USC 371 patent application, claiming priority to Serial No.PCT/US2009/065511, filed on 23 Nov. 2009; which claims priority fromU.S. Provisional Application No. 61/193541 filed 5 Dec. 2008, entitled“System and Method for Routing SUPL Proxy-Mode Traffic When MultipleNodes are Deployed in a Network,” the entirety of all which isincorporated herein by reference.

BACKGROUND

This disclosure generally relates to position or location approaches inGSM, CDMA, and UMTS networks. Further, this disclosure relates to userand control plane location approaches in core networks and GERAN, UTRAN,and Complementary Access radio access networks.

Mobile communications infrastructure is typically conceptualized in twogenerally separate components: the core network (“CN”); and the radioaccess network (RAN). Together, this infrastructure enables userequipment (“UE”), the RAN, and CN to be developed and implementedseparately according to the permissive standards set by organizationssuch as 3GPP and ITU. Thus, various types of RANs, such as GERAN orUTRAN, can be paired with a single UMTS CN. Also, the UMTS standardsprovide for protocol separation between data related to usercommunications and data related to control of the network's variouscomponents. For example, within a UMTS mobile communications network,User Plane (“UP”) bearers are responsible for the transfer of user data,including but not limited to voice or application data. Control Plane(“CoP”) bearers handle control signaling and overall resourcemanagement.

As mobile networks transition towards 3G and beyond, location services(LCS, applications of which are sometimes referred to as Location BasedServices, or LBS) have emerged as a vital service component enabled orprovided by wireless communications networks. In addition to providingservices conforming to government regulations such as wireless E911, LCSsolutions also provide enhanced usability for mobile subscribers andrevenue opportunities for network operators and service providers alike.

Position includes geographic coordinates, relative position, andderivatives such as velocity and acceleration. Although the term“position” is sometimes used to denote geographical position of anend-user while “location” is used to refer to the location within thenetwork structure, these terms may often be used interchangeably withoutcausing confusion. Common position measurement types used in mobilepositioning or LCS include, but are not limited to, range, proximity,signal strength (such as path loss models or signal strength maps),round trip time, time of arrival, and angle of arrival. Multiplemeasurements can be combined, sometimes depending on which measurementtypes are available, to measure position. These combination approachesinclude, but are not limited to, radial (for example, employing multiplerange measurements to solve for best agreement among circular loci),angle (for example, combining range and bearing using signal strength orround trip time), hyperbolic (for example, using multipletime-of-arrival), and real time differencing (for example, determiningactual clock offsets between base stations).

Generally, LCS methods are accomplished through CoP or UP methods. CoPLocation (“CoPL”) refers to using the control signaling channel withinthe network to provide location information of the subscriber or UE. UPLocation (“UPL”), such as Secure User Plane Location (“SUPL”) uses theuser data channel to provide location information. CoPL locationapproaches include, but are not limited to, Angle-of-Arrival (“AoA”),Observed Time-Difference-of-Arrival (“OTDoA”), Observed-Time-Difference(“OTD”), Enhanced-OTD (“E-OTD”), Enhanced Cell-ID (“E-CID”), AssistedGlobal Positioning System (“A-GPS”), and Assisted Galileo NavigationSatellite System (“A-GNSS”). UPL approaches include, but are not limitedto, A-GPS, A-GNSS, and E-CID, where this position data is communicatedover Internet Protocol (“IP”).

There are two established architectures associated with locationdetermination in modern cellular networks. The architectures are ControlPlane (“CoP”) and User Plane (“UP”) architectures. Typically locationrequests are sent to a network through a query gateway function 1.Depending on the network implementation CoP 15 or UP 10 may be used butnot a combination of both, as shown in FIG. 1. Note that queries mayalso come directly from the target device itself rather than via agateway. Similarly, CoP or UP may be used but not both.

The difference between user plane and control plane, strictly, is thatthe former uses the communication bearer established with the device inorder to communicate measurements. The latter uses the native signalingchannels supported by the controlling network elements of the core andaccess to communicate measurements. As such, a CoPL solution supportingA-GPS would use its control plane signaling interfaces to communicateGPS data to/from the handset. Similarly UPL can conduct E-OTD—thehandset takes the timing measurements but it communicates them to thelocation platform using the data bearer.

UPL has the advantage of not depending on specific access technology tocommunicate measurement information. CoPL has the advantage that it canaccess and communicate measurements which may not be available to thedevice. Current models require network operators to deploy one or theother; CoPL or UPL.

Control Plane Location (“CoPL”) uses the native signaling plane of thenetwork to establish sessions and communicate messages associated withlocation requests and to communicate measurements used for determininglocation. The control plane is the signaling infrastructure used forprocedures such as call control, hand-off, registration, andauthentication in a mobile network; CoPL uses this same infrastructurefor performing location procedures. CoPL can utilize measurements madeby both the control plane network elements as well as the end-userdevice being located.

FIG. 2A illustrates an exemplary architectural diagram of CoPL. A mobilestation or mobile appliance 101 communication with a base transceiverstation (“BTS”) 105 via wireless interface Um. A base station controller(“BSC”) 107 manages radio resources including the BTS 105 via an Abisinterface. The Abis interface is an open interface completely defined aspart of the ETSI specification for GSM and carries the call set upinformation, including voice channel assignments between the BSC 107 andBTS 105. A mobile switching center/visitor's location register(“MSC/VLR”) 113 coordinates between the mobile appliance communicationnetwork and a gateway mobile location center (“GMLC”) 117.

In operation, a location measurement device (not shown) may be connectedto the BSC 107 via the Abis wire line interface and makes measurementson the RF signals of the Um interface, along with other measurements tosupport one or more of the position methods associated with the CoPL.Measurements from the location measurement units are sent to a servicingmobile location center (“SMLC”) 109 via BSC 107 where the location of anMS 101 can be determined. The BTS 105, BSC 107 and SMLC 109 form a basestation subsystem (“BSS”) 103. The GMLC 117 is connected to a homelocation register (“HLR”) 111 over an Lh interface and the MSC/VLR 113over an Lg interface. A gateway mobile switching center (“GMSC”) 115 isoperably connected to the MSC/VLR 113 to allow interconnection withother networks.

The operation of a CoPL architecture is shown in FIG. 2B. This shows the3GPP location services architecture. A gateway mobile location centre(“GMLC”) 117 is the network element that receives the location requests.The GMLC queries the HLR 111 over the Lh interface to find out whichpart of the access network 107 is currently serving the target device.The GMLC 117 sends a location request to the current serving corenetwork node 113 via the Lg interface. The current serving core networknode 113 (e.g., MSC or serving GPRS service node (“SGSN”)) then passesthe request to the part of the access network 107 attached to the targetdevice (e.g., GERAN BSC or UTRAN RNC). This access network element 107then invokes the facilities of the SMLC 109. The location requestsession between the access network node 107 and the SMLC 109 provides achannel by which the SMLC 109 can ask for network measurements or tosend messages to the end-user device 101 so that device measurementinformation can be exchanged. The SMLC 109 may also obtain locationmeasurement information from external devices 110 such as locationmeasurement units (“LMUs”) which take RF readings from the airinterface. Similarly, the device may also take measurements fromexternal systems, such as GPS satellites, and communicate these to theSMLC 109.

Developed as an alternative to CoPL, Secure User Plane Location (“SUPL”)is set of standards managed by the Open Mobile Alliance (“OMA”) totransfer assistance data and positioning data over IP to aid network andterminal-based positioning technologies in ascertaining the position ofa SUPL Enabled Terminal (“SET”).

User Plane Location (“UPL”) does not explicitly utilize the controlplane infrastructure. Instead UPL assumes that a data bearer plane isavailable between the location platform and the end-user device. Thatis, a control plane infrastructure may have been involved inestablishing the data bearer so that communication can occur with thedevice but no location-specific procedural signaling occurs over thecontrol plane. As such, UPL is limited to obtaining measurementsdirectly from the end-user device itself.

SUPL includes a Lup reference point, the interface between the SUPLLocation Platform (“SLP”) and SET, as well as security, authentication,authorization, charging functions, roaming, and privacy functions. Fordetermining position, SUPL generally implements A-GPS, A-GNSS, orsimilar technology to communicate location data to a designated networknode over Internet Protocol (“IP”).

FIG. 3A illustrates an exemplary architectural diagram for SUPL. Theillustrated entities represent a group of functions, and not necessarilyseparate physical devices. In the SUPL architecture, an SLP 201 and SET207 are provided. The SLP 201 may include a SUPL Location Center (“SLC”)203 and a SUPL Positioning Center (“SPC”) 205. The SLC and SPCoptionally communicate over the LIp interface, for instance, when theSLC and SPC are deployed as separate entities. The SET 207 generallyincludes a mobile location services (“MLS”) application, an applicationwhich requests and consumes location information, or a SUPL Agent, aservice access point which accesses the network resources to obtainlocation information.

For any SET, an SLP 201 can perform the role of the home SLP (“H-SLP”),visited SLP (“V-SLP”) or emergency SLP (“E-SLP”). An H-SLP for a SETincludes the subscription, authentication, and privacy related data forthe SET and is generally associated with a part of the SET's home publicland mobile network (“PLMN”). A V-SLP for a SET is an SLP selected by anH-SLP or E-SLP to assist in positioning thereof and is associated withor contained in the PLMN serving the SET. The E-SLP may performpositioning in association with emergency services initiated by the SET.

The SLC 203 coordinates operations of SUPL in the network and interactswith the SET over the User Plane bearer to perform various functionsincluding, but not limited to, privacy, initiation, security, roaming,charging, service management, and positioning calculation. The SPC 205supports various functions including, but not limited to, security,assistance delivery, reference retrieval, and positioning calculation.

SUPL session initiation is network-initiated or SET-initiated. The SUPLarchitecture provides various alternatives for initiating andfacilitating SUPL functions. For example, a SUPL Initiation Function(“SIF”) is optionally initiated using a Wireless Application ProtocolPush Proxy Gateway (“WAP PPG”) 211, a Short Message Service Center(“SMSC/MC”) 213, or a User Datagram Protocol/Internet Protocol(“UDP/IP”) 215 core, which forms user plane bearer 220.

The operation of UPL is shown in FIG. 3B. Secure User Plane Location isa standard specification for UPL. Location requests come to the SLP 201from external applications or from the end-user device itself. If a datasession does not exist between the SLP 201 and the device 207 already,then the SLP 201 may initiate a request such that an IP session (userplane bearer 220) is established between the device 207 and the SLP 201.From then on, the SLP 201 may request measurement information from thedevice 207. The device may also take measurements from the network 107or from external systems such as GPS 210. Because there is no controlplane connectivity to the network, the SLP 201 cannot directly requestany measurement information from the network 107 itself. Moreinformation on SUPL, including the Secure User Plane LocationArchitecture documentation (OMA-AD-SUPL), can be readily obtainedthrough OMA.

SUMMARY

In SUPL, each SET has a securely provisioned (or derived) H-SLP address.In proxy-mode, the SET generally connects to this address for any query(SET-initiated and network-initiated). The SUPL specifications onlydiscuss a single H-SLP being present in the network. There are variousreasons why a network operator would want to deploy more than one H-SLP(e.g., scaling capacity reasons and geographic redundancy). This kind ofdeployment is considered beyond the scope of the current SUPLspecifications.

Therefore, considering the situation where multiple H-SLPs are deployed,these SLPs must share the H-SLP address provisioned in the SET. This maybe easily achieved by using a standard global server load balancer(“GSLB”) in front of the H-SLPs. For SET-initiated queries, the SET'sH-SLP fully qualified domain name (“FQDN”) resolves to the GSLB, andthis GSLB simply routes the connection through to any H-SLP.

However, a problem exists with network-initiated queries. With referenceto FIG. 4, for network initiated queries, there currently is nomechanism that would allow the SET to connect specifically to the H-SLPthat initiated the query. For example, a location based application(“LBA”) may make a Mobile Location Protocol (“MLP”) query to anarbitrary SLP at 401. The SLP may then send a SUPL INIT message to theSET via WAP PUSH, SMS or UDP at 402. The SET would establish a TLSconnection to its provisioned H-SLP at 403, and the SET would send aSUPL POS INIT message on this connection to continue the session at 404.The SUPL POS INIT message must, however, end up at the SLP whichinitiated the query at 405. Due to security constraints the SLP cannotsimply pass an address to which the SET can blindly connect.

Therefore, a need exists in the industry to solve this routing problemin the network-initiated case, thereby allowing multiple H-SLPs to bedeployed in a communications network. In one embodiment a method forconnecting a mobile device to a node in a wireless network is provided.The method may comprise the steps of receiving a query for a mobiledevice from a location based application, transmitting a first messageto the mobile device from an initiating node in response to the query,the first message being populated with predetermined parameters andestablishing a transport layer security (“TLS”) connection to theinitiating node. A second message may then be forwarded from the mobiledevice to the initiating node as a function of one or more of theparameters in the first message.

Another embodiment of the present subject matter provides a method forconnecting a mobile device to a node in a wireless network. The methodmay include the steps of receiving a query for a mobile device from alocation based application, transmitting a first message to the mobiledevice from an initiating node in response to the query, the firstmessage being populated with predetermined parameters, and establishinga TLS connection to a second node. A second message may be forwardedfrom the mobile device to the initiating node via the second node as afunction of one or more of the parameters in the first message. In oneembodiment the forwarding may include determining at the second nodewhether the parameter identifies the second node as the initiating node.If the parameter in the second message fails to identify the second nodeas the initiating node, then the second message may be forwarded to athird node as a function of the parameter.

One embodiment of the present subject matter may provide a method forconnecting a mobile device to a node in a wireless network. The methodmay include the steps of receiving a query for a mobile device from alocation based application, transmitting a first message to the mobiledevice from an initiating node in response to the query, the firstmessage being populated with predetermined parameters, and establishinga TLS connection to a second node. A second message may be forwardedfrom the mobile device to the initiating node via the second node byassociating a parameter with the initiating node. In one embodiment,this forwarding may include terminating the established TLS connectionfrom the mobile device and examining the content of the second messageas a function of the message header. If the header does not include theparameter, a connection may be established between the mobile device anynode in the network as a function of the availability of the node. Ifthe header includes the parameter, then the parameter may be extractedfrom the header, an Internet protocol address associated with theparameter determined, and a connection between the mobile device and theinitiating node established.

In a further embodiment of the present subject matter a method forconnecting a mobile device to a node in a wireless network is provided.The method may include the steps of receiving a query for a mobiledevice from a location based application, transmitting a first messageto the mobile device from an initiating node in response to the query,the first message being populated with predetermined parameters. Themobile device then determines the route to the initiating node by theaugmentation of information it contains with information received in thefirst message, thereby allowing it to establish a TLS connection to theinitiating node.

In an additional embodiment of the present subject matter a method forconnecting a mobile device to a node in a wireless network is provided.The method may include the steps of receiving a query for a mobiledevice from a location based application and transmitting a firstmessage to the mobile device from a first node in response to the query,the first message being populated with at least one predeterminedparameter. It may then be determined at a second node whether to forwarda second message from the mobile device to the first node via the secondnode as a function of the availability of the first node or the at leastone predetermined parameter.

BRIEF DESCRIPTION OF THE DRAWINGS

Various aspects of the present disclosure will be or become apparent toone with skill in the art by reference to the following detaileddescription when considered in connection with the accompanyingexemplary non-limiting embodiments.

FIG. 1 is an illustration of a prior art gateway function.

FIG. 2A is an illustration of an exemplary architectural diagram forCoPL.

FIG. 2B is an illustration of the operation of an exemplary CoPLarchitecture.

FIG. 3A is an illustration of an exemplary architectural diagram forSUPL.

FIG. 3B is an illustration of the operation of an exemplary SUPLarchitecture.

FIG. 4 is a diagram of network initiated SUPL messaging.

FIG. 5 is an illustration of one embodiment of the present subjectmatter.

FIG. 6 is an illustration of a further embodiment of the present subjectmatter.

FIG. 7 is an illustration of an additional embodiment of the presentsubject matter.

DETAILED DESCRIPTION

With reference to the figures where like elements have been given likenumerical designations to facilitate an understanding of the presentsubject matter, the various embodiments of a system and method forrouting SUPL proxy-mode traffic when multiple nodes are deployed in anetwork.

One embodiment of the present subject matter provides a domain nameserver (“DNS”) based solution. Generally, this embodiment may includesmall changes in the SET in the way the provisioned H-SLP FQDN isresolved to an IP address via a DNS thereby allowing the correct H-SLPto be identified prior to the SET establishing the connection.

The SUPL specifications do not go into any detail regarding how the SETresolves its provisioned H-SLP FQDN to an IP address to which the SETshould connect. One embodiment of the present subject provides a novelmethod such that the SET is able to connect directly to the H-SLP thatsent the SUPL INIT. FIG. 5 is an illustration of one embodiment of thepresent subject matter. With reference to FIG. 5, a global server loadbalancing (“GSLB”) mechanism 502 may be placed in front of the SLPs 504.This load balancer 502 may distribute connection attempts to availableSLPs at 506 (e.g., round robin, least connections, etc.) and provides noadditional SUPL intelligence.

For Network-initiated queries, when sending the SUPL INIT message, theSLP 504 may populate the “SLPId” field of the SessionId (in the SUPLmessaging header) with the SET-routable IP address of the SLP 504. TheDNS server 508 may then be configured to return multiple IP addressesfor the single securely provisioned FQDN in the SET 510. The firstaddress in this list is that of the global server load balancer 502, theremaining addresses are the individual H-SLP addresses 504. It should benoted that DNS load balancing may not be used, and hence the order ofthese returned addresses does not change.

For a SET-initiated query, the SET 510 may utilize the first addressreturned from the DNS 508, which is the GSLB 502 resulting in any SLP504 being chosen to service the query. For a network-initiated query,the SET 510 connects to the address in the DNS list that matches theSLPId received in the SUPL INIT message. It should be noted that theaddress provided in the SUPL INIT is not blindly being utilized by theSET 510 to establish the connection; rather, the address is beingutilized in conjunction with the addresses returned as a result ofresolving the provisioned H-SLP FQDN (if no match is found in the DNSaddress list the message would be dropped). As such, this is not viewedas any less secure than standard SUPL messaging where no address ispassed in the SLPId field.

Another embodiment of the present subject matter provides an SLP-relaysolution which involves H-SLPs communicating between each other so anincorrectly chosen H-SLP may relay the messaging to the correct H-SLP.This embodiment requires no changes in a handset but may require customSLP behavior to proxy queries between SLPs.

FIG. 6 is an illustration of a further embodiment of the present subjectmatter. With reference to FIG. 6, a GSLB mechanism 602 may be placed infront of the SLPs 604. This load balancer 602 may distribute connectionattempts to available SLPs 604 (e.g., round robin, least connections,etc.) and may provide no additional SUPL intelligence. SETs 610 maycontinue to behave as per a SUPL 1.0 implementation, that is, the SETs610 resolve the securely provisioned FQDN to a single IP address andinitiate the connection (both SET-initiated and Network-initiated) tothat address. The address returned from the DNS 608 is that of the GSLB602. In this embodiment, however, each H-SLP may be aware of all othermated H-SLPs.

Therefore, for network initiated queries, if a SUPL POS INIT is receivedat an H-SLP that did not initiate the SUPL INIT, the SLPId in thereceived message is used to identify the correct H-SLP. From this pointon the incorrect H-SLP (that is, the H-SLP the SET connected to)essentially becomes a proxy for the correct SLP.

It should be noted that no matter how many H-SLPs are deployed in anexemplary communications network, it is generally a single hop to getfrom an incorrect H-SLP to the correct one since the correct one isidentified in the SLPId of the SUPL POS INIT message. There are pluralmethods that the H-SLP message relay mechanism may operate and theprevious example should not limit the scope of the claims appendedherewith. The following, however, should be considered in such methods,given SLP-A initiates the SUPL INIT and the SUPL POS INIT arrives atSLP-B: (i) SLP-A has the respective stored hashed message authenticationcode (“HMAC”—a calculated value over the transmitted SUPL INIT) that isused to authenticate the SUPL POS INIT (therefore, SLP-B cannot justcomplete the entire transaction and send the final result over toSLP-A); (ii) SLP-A has the outstanding MLP request, and hence the MLPresponse needs to be sent from SLP-A.

Two options that may then be considered for H-SLP connectivity, amongothers, include: (i) SLP-B essentially appears as an SET to SLP-A. Thatis, when an incorrect connection arrives at SLP-B, the correct H-SLP isidentified by the SLPId field in the received SUPL POS INIT message.SLP-B initiates a connection attempt to SLP-A (this connection wouldpotentially not need to be secure given the assumption that a reliableand trusted connection path exists between an operator's deployedH-SLPs). All messages may then be relayed through SLP-B between the SETand SLP-A. Thus, as far as SLP-A is concerned, it appears as though theSET has connected directly to it. The advantage, of this embodiment isthat no new interface/protocols are required between H-SLPs, theexisting ULP protocol is used; and (ii) State retrieval from SLP-A. Thatis, when the SET connection is made to SLP-B and the SUPL POS INITmessage received, SLP-B retrieves the required information from SLP-Anecessary to complete the transaction. The entire SUPL transaction thentakes place between the SET and SLP-B. When the session is completed,the final response is sent to SLP-A allowing it to respond to the MLPquery. While this embodiment minimizes relayed traffic between H-SLPs,it may require an additional proprietary interface between H-SLPs toallow state retrieval and response messaging.

An additional embodiment of the present subject matter provides anintelligent SUPL load balancer solution providing additionalintelligence in the GSLB enabling the GSLB to correctly route traffic tothe correct H-SLP. The intelligent SUPL load balancer solution requiresno changes to the standard SUPL functionality in either the SET or SLP.This intelligent GSLB may then be responsible for ensuring thenetwork-initiated queries are routed to the correct H-SLP.

FIG. 7 is an illustration of an additional embodiment of the presentsubject matter. With reference to FIG. 7, each H-SLP 704 in the networkmay be configured to send a unique SLPId value within the SessionId ofSUPL messages. These values may be anything that conforms to the formatof an FQDN (note that the value doesn't actually have to be a resolvableFQDN since it will never be used as such). The intelligent GSLB 702 maybe provisioned with entries that associate each SLPId with the addressof the H-SLP 704 to which the SET 710 may be connected. One non-limitingembodiment for the intelligence within the GSLB 702 may be to terminatethe TLS connection 703 from the SET (therefore the GSLB would containthe SLP server certificate). The first incoming message on thisconnection may be examined. If the first incoming message does notcontain the SLPSessionId parameter within the message header (i.e., itmay be considered SET-initiated), the SET 710 may be connected to anyavailable H-SLP 704 using any configured load balancing technique (e.g.,round-robin, least connections, etc.) and the received message may beforwarded accordingly. If, however, the message contains theSLPSessionId, the SLPId may be extracted from the message header, andthe provisioned address associated with that SLPId determined or “lookedup”. A connection to the correct H-SLP 704 may then be established, andthe received message forwarded accordingly.

From this point on, anything received in either embodiment (i.e., theSET connection or the H-SLP connection) may be provided on thecorresponding other side (including connection drops). The previouslogic may assume that each SUPL session is performed on its owndedicated connection from the SET 710. The SUPL specifications generallyallow a SET 710 to initiate a new SUPL session on an existingconnection. If this is supported by both the SETs 710 and SLPs 704 inthe network, then the logic within the intelligent GSLB 702 may bemodified by terminating the TLS connection 703 from the SET 710 andexamining the first incoming message on this connection as before;however, the SLPId value in use from the first message (or the firstresponse from the H-SLP 704) may need to be recorded against the SLPconnection. For any subsequent message received on the SET connection,the GSLB 702 would attempt to extract the SLPId parameter. Absence ofthe SLPId parameter may indicate a new SET-initiated query on anexisting connection which can be forwarded on any existing establishedSLP connection. With presence of the SLPId parameter, the GSLB 702 wouldmatch the message with an already established SLP connection and forwardthe message on that SLP connection. If, however, the SLPId is presentbut fails to match any established SLP connection, the GSLB 702 may lookup the provisioned address associated with the received SLPId value,establish a new connection to the corresponding SLP 704 (recording theSLPId with the connection) and forward the message on the new connectionthereby resulting in multiple SLP connections being associated with theone SET connection. Further receipt of a message on any SLP connectionmay simply result in the received message being forwarded to theassociated SET connection. The loss of an SLP connection may thus resultin the associated SET connection being dropped if there are no more SLPconnections associated with the SET connection. If the SET connectiondrops, then all associated SLP connections may be dropped.

In a further embodiment of the present subject matter, the SET 710 mayaugment its securely provisioned FQDN with a unique identifier from theSLPId field of the SUPL INIT. For example, if the SET 710 has the FQDNof slp.operator.net provisioned, then the SLP 704 may provide a value of1, 2, 3, N, etc. in the SLPId field in the SUPL INIT. The SET 710 woulduse this SLPId value to augment the first portion of the FQDN such thatthe DNS query is for slpN.operator.net which would resolve to thecorrect SLP address to which the SET 710 may connect.

As shown by the various configurations and embodiments illustrated inFIGS. 1-7, a method and system for routing SUPL proxy-mode traffic whenmultiple nodes are deployed in a network have been described.

While preferred embodiments of the present subject matter have beendescribed, it is to be understood that the embodiments described areillustrative only and that the scope of the invention is to be definedsolely by the appended claims when accorded a full range of equivalence,many variations and modifications naturally occurring to those of skillin the art from a perusal hereof.

What we claim is:
 1. A method for connecting a mobile device to a nodein a wireless network, comprising the steps of: (a) receiving a queryfor a mobile device from a location based application; (b) transmittinga first message to the mobile device from an initiating node in responseto the query, the first message being populated with at least onepredetermined parameter; (c) establishing a transport layer security(“TLS”) connection to a second node; and (d) forwarding a second messagefrom the mobile device to the initiating node via the second node byassociating the parameter with the initiating node.